CVE-2008-7127 - Vulnerability Details - OpenCVE

osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microfocus	Visibroker

Configuration 1 [-]

cpe:2.3:a:microfocus:visibroker:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/visibroken-adv.txt
http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html
http://osvdb.org/43058
http://secunia.com/advisories/29213
http://www.securityfocus.com/bid/28084
http://www.vupen.com/english/advisories/2008/0748/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/40983

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-08-31T10:00:00

Updated: 2024-08-07T11:56:14.206Z

Reserved: 2009-08-31T00:00:00

Link: CVE-2008-7127

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-08-31T10:30:01.187

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-7127

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-03T00:00:00", "descriptions": [{"lang": "en", "value": "osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/visibroken-adv.txt"}, {"name": "20080303 Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html"}, {"name": "visibroker-smartagent-dos(40983)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40983"}, {"name": "43058", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/43058"}, {"name": "29213", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29213"}, {"name": "ADV-2008-0748", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0748/references"}, {"name": "28084", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28084"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-7127", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://aluigi.altervista.org/adv/visibroken-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/visibroken-adv.txt"}, {"name": "20080303 Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html"}, {"name": "visibroker-smartagent-dos(40983)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40983"}, {"name": "43058", "refsource": "OSVDB", "url": "http://osvdb.org/43058"}, {"name": "29213", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29213"}, {"name": "ADV-2008-0748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0748/references"}, {"name": "28084", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28084"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:56:14.206Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/visibroken-adv.txt"}, {"name": "20080303 Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html"}, {"name": "visibroker-smartagent-dos(40983)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40983"}, {"name": "43058", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/43058"}, {"name": "29213", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29213"}, {"name": "ADV-2008-0748", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0748/references"}, {"name": "28084", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28084"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-7127", "datePublished": "2009-08-31T10:00:00", "dateReserved": "2009-08-31T00:00:00", "dateUpdated": "2024-08-07T11:56:14.206Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:visibroker:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1D3737F-4146-4ED8-B7E5-137FE2F0D274", "versionEndIncluding": "08.00.00.c1.03", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled."}, {"lang": "es", "value": "osagent.exe en Borland VisiBroker Smart Agent v08.00.00.C1.03 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una paquete manipulado con una logitus de cadena larga al puerto UDP 14000, lo que provoca una fallo de localizaci\u00f3n de memoria que no se gestiona de forma adecuada."}], "id": "CVE-2008-7127", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-08-31T10:30:01.187", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/visibroken-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://osvdb.org/43058"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29213"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28084"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0748/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40983"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/visibroken-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://osvdb.org/43058"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29213"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0748/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40983"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}